Deployment Requirements for a vSphere Client
Remote Plug-in
To prepare a remote plug-in for deployment, you must prepare at least one file and launch one or more processes. The simplest plug-in can be implemented with a single back-end server and a plug-in manifest file that describes the extension views and other details about the plug-in.
Deployment of a remote plug-in takes place at run time, but you must make preparations in advance. You need to do the following to prepare for plug-in deployment:
- Run a web server that provides plug-in components on demand.
- Run your plug-in server binary. The plug-in server runs on a virtual or physical machine of your choice, but it must be the same machine as the web server.
- Prepare a plug-in manifest file,plugin.json, that specifies the plug-in components. See also . The manifest file must be accessible by HTTPS, on the same machine as the web server.
- Register your plug-in with a vCenter Server instance. You can register either by using the registration script in the SDK or by writing your own registration tool. In either case, you need the URL and credentials to access the vCenter Server instance. You also need the security certificate or thumbprint of your plug-in manifest server, and the URL of your plug-in manifest file. The connection should be secure HTTP (HTTPS).
For production installations, a best
practice is to create a registration tool that does not expose vCenter Server credentials on
the command line.
When registering the plug-in, it's highly
recommended to provide the SSL certificate of the plug-in server in addition to the
thumbprint of the SSL certificate of the plug-in server. Performing a full SSL certificate
check during SSL handshake is more secure than performing an SSL certificate thumbprint
check. Furthermore, in future vSphere releases, support for SSL certificate thumbprints will
be dropped and full SSL certificates will be required.
To register a plug-in by using the script in the
SDK, you use the
registerPlugin
function of the
extension-registration
script. The script arguments are demonstrated in the
following example../extension-registration.sh -action registerPlugin -remote \ -url https://myvcenter/sdk \ -username administrator@vsphere.local -password mysecret \ -key com.mycompany.myplugin -version 1.0.0 \ -pluginUrl https://mydevbox:8443/myplugin/plugin.json \ -serverThumbprint 19:FD:2B:0E:62:5E:0E:10:FF:24:34:7A:81:F1:D5:33:\ 19:A7:22:A0:DA:33:27:07:90:0F:8E:8D:72:F1:BD:F1 \ -serverCertificateFile /tmp/plugin-server.cer \ -vCenterServerThumbprint 2A:0E:3C:1F:73:6F:1F:21:00:35:45:8B:92:02:E6:44:\ 2A:B8:33:B1:EB:44:38:18:A1:10:9F:9E:83:02:CE:02 \ -c 'Example, Inc.' -n 'Remote Plug-in' -s 'This is a remote plug-in'
To register a plug-in by means of your own
tool, you must create an
Extension
type record in the
ExtensionManager
managed object. The Extension
record must
describe the plug-in manifest server in two places: client[0]
and
server[0]
. These two array entries are similar in several properties, but
have important differences:- Theclientarray, which has typeExtensionClientInfo[], contains the plug-in version in the first element. This is required so that the vSphere Client can manage plug-ins correctly.
- Theclientarray must have atypeproperty with a value ofvsphere-client-remotein the first element.
- Theserverarray, which has typeExtensionServerInfo[], must have atypeproperty with any value you choose in the first element. A best practice is to assign the valueMANIFEST_SERVERto the first element of the array, to identify the manifest server for the plug-in.
- To support HTTPS connections, theserverarray must have eitherserverThumbprintorserverCertificateFileor both in the first element. PropertyserverThumbprinttakes the value of the SHA-256 hash of the server certificate, whileserverCertificateFiletakes the value of the PEM-encoded server certificate (string).HTTP connections are not recommended for production use with the vSphere Client.
Both the
client
array and the
server
array must have the same value in the url
property
of the first array element. The value must be the URL of the plug-in manifest server.For information about the plug-in manifest, see
Sample Manifest File for a
Remote Plug-in. For information about auxiliary plug-in processes, see Using Auxiliary Plug-in
Servers. For information about the plug-in registration script, see vSphere Client
Plug-in Registration Tool.